Drill Apple Core: Up and Down — Fuzz Apple Core Component in Kernel and User Mode for Fun and Profit

Date: 15.01.2020. Author: CISOCLUB. Categories: Information security podcasts and videos

In this talk, we will show you how to develop kernel sanitizers to get code-coverage support and memory-issue detection support. We also developed very detailed (about 530) grammar-based patterns for the XNU syscall API. Then we will give a live demo of rooting the latest macOS (10.13.6) using 3 0days discovered by our fuzzer. At the end, we will show you another powerful technique to obtain code coverage without source code in a static way.

By Dongyang Wu, Yuefeng Li & Juwei Lin

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-18/briefings/schedule/index.html#drill-apple-core-up-and-down—fuzz-apple-core-component-in-kernel-and-user-mode-for-fun-and-profit-12923

About the author: CISOCLUB

CISOCLUB editorial team. Official account. CISOCLUB is an information portal and professional community of information security specialists.